Sophos’ Secure by Design 2025 Progress
We are pleased to openly share our pledges and the progress we are making in each of the seven core pillars of product security in the Secure by Design framework.
PA News Agency reports that as a result of the attack, more than 10,000 appointments were cancelled at the two London NHS trusts that were worst affected, and a significant number of GP practices in London were unable to order blood tests for their patients. Now the Health Service Journal (HSJ) [paywalled] has reported that…
Thomas Mundy reports: Attorneys have sent a preservation notice to Radford University leaders to preserve all relevant evidence regarding a possible data breach involving former students. Former Michigan assistant football coach Matt Weiss has been federally indicted after prosecutors accused him of hacking into private accounts of student-athletes to access potentially compromising images. “When it…
The U.S. Defense Department added dozens of Chinese companies, including Tencent, SenseTime and battery maker CATL, to a list of companies it says have ties to China’s military. The post Chinese Tech Companies Tencent, CATL and Others Protest US Listings as Army-Linked Companies appeared first on SecurityWeek.
TikTok restored service to users in the United States on Sunday just hours after the popular video-sharing platform went dark in response to a federal ban. The post TikTok Restores Service for US Users Based on Trump’s Promised Executive Order appeared first on SecurityWeek.
Cassandre Coyer reports: Health-care billing company Medical Billing Specialists Inc. didn’t appropriately monitor its computer systems, failing to notice a data breach exposing swaths of its clients’ patient data, a proposed class action said. The provider didn’t follow its contractual requirements with medical providers, nor “industry standards, common law, and representations” it made about its…
Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity, per Arctic Wolf, promotes fake websites hosting trojanized versions of legitimate tools like PuTTY and WinSCP, aiming to trick software professionals